|
1
|
8.8 |
HIGH
Network
|
concretecms
|
concrete_cms
|
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery (CSRF) at concrete/controllers/dialog/event/duplicate. The Concrete CMS security team gave this vulnerability a CVSS v.4.0 scor…
Update
|
CWE-352
CWE-1275
Origin Validation Error
Sensitive Cookie with Improper SameSite Attribute
|
CVE-2026-8414
|
2026-05-27 03:59 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9384
|
2026-05-27 03:59 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Th…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9385
|
2026-05-27 03:59 |
2026-05-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipu…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9386
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component Web Management Interfa…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9387
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface.…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9388
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setDdnsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulat…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9404
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Perf…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9405
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setRemoteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a m…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9406
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setFirewallType of the file /cgi-bin/cstecgi.cgi of the component We…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9407
|
2026-05-27 03:59 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
